What Privacy Policy covers

C.A. Papaellinas Emporiki Ltd is a Controller of the personal data you (data subject) provide us so we want you to be clear about what this Policy covers. We collect, use and protect the following personal data from you, that’s why we’ve developed this privacy policy which:

sets out the types of personal data that we collect

explains how and why we collect and use your personal data

explains when and why we will share personal data.

explains the rights and choices you have when it comes to your personal data

When you register for our Services, you may provide us with:

Your account login details, such as your username and the password that you have chosen.

When you browse our websites, or use our mobile app, we may collect:

Information about your online browsing behavior on our Websites and Mobile Apps and information about when you click on one of our adverts (including those shown on other organizations’ websites).

Information about any devices you have used to access our Services (including the make, model and operating system, IP address, browser type and mobile device identifiers).

When you use our Social Family Card to shop with us, or use vouchers or coupons, we may collect:

Transaction information, including the in-store purchases you earn social family card points for and how you use your coupons and vouchers.

When you contact us, or we contact you, or you take part in promotions, competitions, surveys or questionnaires about our Services, we may collect:

Personal data you provide about yourself anytime you contact us about our Services (for example, your name, username and contact details), including by phone, email or post or when you speak with us through social media.

Details of the emails and other digital communications we send to you that you open, including any links in them that you click on.

2. How and why we use personal data

Make our Services available to you

Why do we process your personal data in this way?
We need to process your personal data so that we can manage your customer accounts, provide you with the goods and services you want to buy and help you with any orders and refunds you may ask for.

Manage and improve our daily operations

Manage and improve our website and mobile app.

Why do we process your personal data in this way?

We use cookiesand similar technologies on our website and mobile app to improve your customer experience. Some cookies are necessary, so you should not disable these if you want to be able to use all the features of our website and mobile app. You can disable other cookies, but this may affect your customer experience. For more information about cookies and how you can disable them, see the cookies section.

Help to develop and improve our product range, services, stores, information technology systems, know-how and the way we communicate with you.

Why do we process your personal data in this way?

We rely on the use of personal data to carry out market research and internal research and development, and to improve our information technology systems (including security) and our product range, services and stores. This allows us to serve you better as a customer.

Detect and prevent fraud or any other crime.

Why do we process your personal data in this way?

It is important for us to monitor how our services are used to detect and prevent fraud, other crimes and the misuse of services. This helps us to make sure that you can safely use our services.

Personalise your Alphamega experience

Use your online browsing behavior as well as your in-store and your social family card transactions to help us better understand you as a customer and provide you with personalized offers and services.

Why do we process your personal data in this way?
Looking at your browsing behaviour and purchases allows us to personalise the offers we send to you and understand a bit more about the kind of shopper you are.

Provide you with relevant marketing communications (including by email, via SMS, via post or online advertising), relating to our products and services. As part of the online advertising may be displayed on websites across the C.A Papaellinas Emporiki Ltd and on other organizations’ websites and online media channels.

Why do we process your personal data in this way?
We want to ensure that we provide you with marketing communications, including online advertising, that are relevant to your interests. To achieve this, we also measure your responses to marketing communications relating to products and services we offer, which also means we can offer you products and services that better meet your needs as a customer. You can change your marketing choices, both when you register with us, and at any time after that in kiosks at stores, in our mobile app, by clicking the unsubscribe link in the footer of any marketing email, by CALLING TO 80080039 at the end of any SMS or in writing.

You also have choices when it comes to online advertising. We set out below your choices when it comes to cookies, and how you can control your online behavioural advertising preferences.

Contact and interact with you

Contact you about our Services, for example by phone, SMS, email or post or by responding to social media posts that you have directed at us.

Why do we process your personal data in this way?
We want to serve you better as a customer, so we use personal data to provide clarification or assistance in response to your communications

Manage promotions and competitions you take part in, including those we run with our suppliers.

Why do we process your personal data in this way?
We need to process your personal data so that we can manage the promotions and competitions you choose or automatically enter.

Invite you to take part in and manage customer surveys, questionnaires
and other market research activities carried out by the C.A Papaellinas Emporiki Ltd.

Why do we process your personal data in this way?
We carry out market research to improve our Services. However, if we contact you about this, you do not have to take part in the activities. If you tell us that you do not want us to contact you for market research, we will respect this choice. This will not affect your ability to use our Services or your social family card.

To help us to better understand you as a customer and to be able to provide you with services and marketing communications, including online advertising, that are relevant to your interests we also combine personal data we collect when you make purchases in-store using social family card with personal data collected from our Websites, Mobile App and other sources.

Claims

To resolve legal claims or disputes involving you or us.

Why do we process your personal data in this way?

For example, if you have any accident or there is an incident at our stores. This could include medical reports.

CCTV

To monitor the safety of our stores to prevent and detect crime and anti-social behaviour.

Why do we process your personal data in this way?

To protect our business, the local community, customers and colleagues.

3. Marketing

We will send you relevant offers and news about our products and services in several ways including SMS, email, but only if you are our customer or previously agreed to receive these marketing communications. When you register with us we will ask if you would like to receive marketing communications, and you can change your marketing choices at any time in kiosks at stores, in our mobile app, by clicking the unsubscribe link in the footer of any marketing email, by CALLING TO 80080039 at the end of any SMS or in writing.

4. Sharing personal data with Retail Partners and Service Providers.

When we share personal data with these companies we require them to keep it safe, and they must not use your personal data for their own marketing purposes.

Retail partners

We only share personal data that enable our Retail Partners to provide their services.

Service Providers

We work with carefully selected Service Providers that carry out certain functions on our behalf. These include, for example, companies that help us with technology services, storing, combining and analysing data, processing payments, provide us with legal or other professional services. We only share personal data that enable our Service Providers to provide their services.

5. Sharing personal data with other organizations

We may share personal data with other organizations in the following circumstances:

if the law or a public authority says we must share the personal data or for the administration of justice.

if we need to share personal data to establish, exercise or defend our legal rights (include providing personal data to others for the purposes of preventing fraud).

6. How we protect personal data

We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data.

We use computer safeguards such as firewalls to keep this data safe.

We only authorise access to employees and trusted partners who need it to carry out their responsibilities.

We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.

We will ask for proof of identity before we share your personal data with you.

7. How long we keep it

Any personal data held by us will be kept no longer than we need to, how long this is depending on several factors such as:

Why we collected it in the first place.

How old it is.

Whether there is a legal/regulatory reason for us to keep it.

Whether we need it to protect you or us.

8. Changes to This Privacy Policy

It is our policy to post any changes we make to our Privacy Policy on this page, so please check the Privacy Policy (posted at www.alphamega.com.cy ) periodically for updates.

9. What are your rights?

Should you believe that any personal data we hold on you is incorrect or incomplete, you have the ability to request to see this information, rectify it, deleted it or in the event that you wish to complain about how we have handled your personal data, please write to:

Our Data Protection Officer will then look into your complaint and work with you to resolve the matter.

If you still feel that your personal data has not been handled appropriately according to the law, you can contact the Office of the Commissioner of Protection of Personal Data and file a complaint with them.